CVE-2020-15484

An issue was discovered on Nescomed Multipara Monitor M1000 devices. The internal storage of the underlying Linux system stores data in cleartext, without integrity protection against tampering.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 34%
VendorProductVersion
niscomedm1000_multipara_patient_monitor_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://payatu.com/advisory/lack-of-medical-data-encryption-in-niscomed-patient-monitor
https://www.niscomed.com/multipara-monitor.html
https://payatu.com/advisory/lack-of-medical-data-encryption-in-niscomed-patient-monitor
https://www.niscomed.com/multipara-monitor.html